kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
45,802 Commits 1 Branch 0 Tags 899 MiB
Commit Graph

6 Commits

Author SHA1 Message Date
Robert Speicher 4642ca6686 Use `empty_project` where possible in controller specs 2017-01-25 17:14:38 -05:00
Felipe Artur 781cca8d45 Fix redirect after update file when user has forked project 2016-12-29 21:11:34 -02:00
James Lopez 280afe0a64 fix blob controller spec failure - updated not to use file-path- 2016-11-29 10:40:56 +01:00
Douwe Maan 742cee756b Merge branch 'jej-22869' into 'security' 
Fix information disclosure in `Projects::BlobController#update`

It was possible to discover private project names by modifying `from_merge_request`parameter in `Projects::BlobController#update`. This fixes that.

- [ ] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG.md) entry added
- Tests
  - [x] Added for this feature/bug
  - [ ] All builds are passing
- [x] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html)
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)

https://gitlab.com/gitlab-org/gitlab-ce/issues/22869

See merge request !2023
 2016-11-28 21:25:18 -03:00
Semyon Pupkov 40fa1b6e6f Use user from let instead recreate in before 2016-10-09 20:31:28 +05:00
Ruben Davila 7627cc1989 Validate presence of essential params for diff rendering 
This will avoid application errors generated by the assumption of the
presence of these params.
 2016-06-24 16:20:53 -05:00